CVE-2021-0265 - OpenCVE

An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. This issue affects: Juniper Networks AppFormix 3 versions prior to 3.1.22, 3.2.14, 3.3.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Appformix

Configuration 1 [-]

OR	cpe:2.3:a:juniper:appformix::::::::
	cpe:2.3:a:juniper:appformix::::::::

No data.

References

Link	Providers
https://kb.juniper.net/JSA11156

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2021-04-22T19:37:22.989145Z

Updated: 2024-09-16T18:19:35.199Z

Reserved: 2020-10-27T00:00:00

Link: CVE-2021-0265

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-04-22T20:15:09.843

Modified: 2021-05-04T20:38:26.287

Link: CVE-2021-0265

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Contrail Insights", "vendor": "Juniper Networks", "versions": [{"lessThan": "3.1.22, 3.2.14, 3.3.0", "status": "affected", "version": "3", "versionType": "custom"}]}], "datePublic": "2021-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. This issue affects: Juniper Networks AppFormix 3 versions prior to 3.1.22, 3.2.14, 3.3.0."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Remote Command Execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-22T19:37:22", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://kb.juniper.net/JSA11156"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: AppFormix 3.1.22, 3.2.14, 3.3.0, and all subsequent releases."}], "source": {"advisory": "JSA11156", "defect": ["AP-1330"], "discovery": "USER"}, "title": "Contrail Insights: The REST API implementation allows an unauthenticated remote attacker to execute commands as root.", "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-04-14T16:00:00.000Z", "ID": "CVE-2021-0265", "STATE": "PUBLIC", "TITLE": "Contrail Insights: The REST API implementation allows an unauthenticated remote attacker to execute commands as root."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Contrail Insights", "version": {"version_data": [{"version_affected": "<", "version_name": "3", "version_value": "3.1.22, 3.2.14, 3.3.0"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. This issue affects: Juniper Networks AppFormix 3 versions prior to 3.1.22, 3.2.14, 3.3.0."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Command Execution"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA11156", "refsource": "MISC", "url": "https://kb.juniper.net/JSA11156"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: AppFormix 3.1.22, 3.2.14, 3.3.0, and all subsequent releases."}], "source": {"advisory": "JSA11156", "defect": ["AP-1330"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no known workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:32:10.475Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://kb.juniper.net/JSA11156"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0265", "datePublished": "2021-04-22T19:37:22.989145Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T18:19:35.199Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juniper:appformix:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5F34E62-DBBD-4795-A80B-2D08AA8F5AF2", "versionEndExcluding": "3.1.22", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:juniper:appformix:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF1AF84C-C7F2-437D-9F01-357DE30863CE", "versionEndExcluding": "3.2.14", "versionStartIncluding": "3.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. This issue affects: Juniper Networks AppFormix 3 versions prior to 3.1.22, 3.2.14, 3.3.0."}, {"lang": "es", "value": "Una API REST no comprobada en AppFormix Agent de Juniper Networks AppFormix, permite a un atacante remoto no autenticado ejecutar comandos como root en el host que ejecuta AppFormix Agent, cuando determinadas condiciones previas son llevadas a cabo por el atacante, lo que le otorga al atacante control total sobre el entorno. Este problema afecta a: Juniper Networks AppFormix versiones 3 anteriores a 3.1.22, 3.2.14, 3.3.0"}], "id": "CVE-2021-0265", "lastModified": "2021-05-04T20:38:26.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Primary"}]}, "published": "2021-04-22T20:15:09.843", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA11156"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}